The Essential 8
The Essential 8 is a set of cyber security strategies developed by the Australian Signals Directorate (ASD) that are designed to help organizations protect against the most common types of cyber attacks. In this blog post, we’ll outline each of the Essential 8 strategies and explain why they are so important.
- Application whitelisting: This involves creating a list of approved applications that can be run on an organization’s network. By only allowing approved applications to run, organizations can reduce the risk of malware and other malicious software being installed.
- Patching applications: Keeping software up-to-date is an essential part of cyber security. By installing the latest security patches and updates, organizations can reduce the risk of known vulnerabilities being exploited.
- Configuring Microsoft Office macro settings: Microsoft Office macros can be used to automate tasks, but they can also be used to spread malware. By configuring macro settings to block macros from untrusted sources, organizations can reduce the risk of malware being spread via Office documents.
- User application hardening: This involves configuring web browsers and email clients to block or limit the functionality of plugins and other software components that are commonly targeted by attackers.
- Restricting administrative privileges: Limiting the number of users who have administrative privileges can help prevent malware and other malicious software from spreading across an organization’s network.
- Patching operating systems: Just like with applications, keeping operating systems up-to-date is essential for cyber security. By installing the latest security patches and updates, organizations can reduce the risk of known vulnerabilities being exploited.
- Multi-factor authentication: This involves requiring users to provide additional authentication factors, such as a code sent to their phone, in addition to their password. Multi-factor authentication can help prevent unauthorized access to an organization’s network and data.
- Daily backups: Regular backups of important data can help organizations recover from a cyber attack or other data loss event. By backing up data daily, organizations can minimize the impact of a ransomware attack or other type of cyber attack.
In conclusion, the Essential 8 strategies are essential for organizations looking to protect against the most common types of cyber attacks. By implementing these strategies, organizations can reduce the risk of malware, data breaches, and other cyber security incidents. If you’re not already following these strategies, now is the time to start.